WTAF?
you can add extra characters to your password and it's still accepted?
a) no, that's not how passwords are supposed to work
b) no, you're storing the passwords
(not just wrong, but you're storing them in the first place)
c) you're not hashing them?
d) YOU ARE A F**KING BANK!
@AkomoCombine - but are you also a bank server handling tens of thousands of customers and billions of Euros and hundreds of logins per hour?
@AkomoCombine - I'm talking server-side password handling/authentication. There are plenty of solutions there. My personal favorite is bcrypt with a constantly rotating salt, but others exist to varying degrees of effectiveness.
As far as you, as a consumer, I'd suggest a password manager which will generate complex passwords for you and save them in either a symmetric or asymmetric encrypted format (depending on your own personal use case).
@0x56 That would work - I'll have to try it out and see - thanks!
@AkomoCombine - I like LastPass if you're a family, 1Password for a single user multi device, or KeePass for a single user/single device
@0x56 Yeah definitely interested since I need to teach this to my kids. They will know how the internet works and how to defend themselves from virtual attack
@AkomoCombine - this will just delay an attack. If you can get @White_Rabbit to come out of his rabbit hole, he may be able to teach you how to teach them to defend themselves.
@0x56 Need a solution then. Most people do not keep complex passwords to begin with.